Mandarin Oriental Hotel Group is investigating a credit card breach, according to a statement emailed to SCMagazine.com on Wednesday.
“We can confirm that Mandarin Oriental has been alerted to a potential credit card breach and is currently conducting a thorough investigation to identify and resolve the issue,” according to the statement. “Unfortunately incidents of this nature are increasingly becoming an industry-wide concern. The Group takes the protection of customer information very seriously and is coordinating with credit card agencies and the necessary forensic specialists to ensure our guests are protected.”
In a different statement posted to the Mandarin Oriental website on Thursday, the international hotel investment and management group said it has removed the “offending malware.” The company said it has top security systems in place, but the malware was undetectable by all anti-virus systems.
The incident affected “an isolated number” of hotels in the U.S. and Europe, but none were impacted in Asia, according to the statement, which adds that further details cannot be disclosed due to the ongoing investigation.
“Moreover, from the information we have to date, the breach has only affected credit card data and not any other personal guest data, and credit card security codes have not been compromised,” according to the statement. Mandarin Oriental is testing its security protocols and is taking additional steps to prevent a similar incident from occurring.
Technology journalist Brian Krebs reported on Wednesday that he contacted the hotel group after financial industry sources identified a pattern of fraudulent charges on payment cards, all of which had been used recently at Mandarin hotels.